search

lima-vm / lima

Linux virtual machines, with a focus on running containers
https://lima-vm.io/
Apache License 2.0
15.5k stars 608 forks source link

ssh in lima seems to exclude aes-ctr and force aes-gcm exclusively #2913

Open apostasie opened 2 weeks ago

apostasie commented 2 weeks ago

Description

My problem here is that we do not want to carry openssl as a dependency in other parts of our systems, and our ssh client is compiled --without-openssl.

So:

$ ssh -Q cipher
aes128-ctr
aes192-ctr
aes256-ctr
chacha20-poly1305@openssh.com

Which will not work with lima apparently:

$ limactl shell foo
command-line line 0: Unsupported option "gssapiauthentication"
command-line line 0: Bad SSH2 cipher spec '^aes128-gcm@openssh.com,aes256-gcm@openssh.com'.

From a casual reading of: https://github.com/lima-vm/lima/blob/217da28fb2bf8e02e538a397b7977de463cc3568/pkg/sshutil/sshutil.go#L201-L222

It seems to me lima is forcing gcm (when there is acceleration for aes), with a fallback on chacha - so, pretty much, forcing ciphers that also provide integrity, excluding ctr+separate mac.

I appreciate strong opinions :-) - and clearly there is nothing wrong with aes-gcm (though maybe chacha is more contentious) - so, if this was a conscious decision to make lima work exclusively for these ciphers, that is fine.

On the other hand, if this was not a concerted decision - there is nothing wrong with aes-ctr + hmac-sha2 either - so, curious about folks' opinion on this?

Thanks in advance.

AkihiroSuda commented 2 weeks ago

Yes, Lima should query ssh -Q cipher to validate available algorithms